package com.wechat.it.isales.auth.server.handler;

import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import net.oauth.OAuth;

import org.apache.cxf.common.util.StringUtils;
import org.apache.cxf.rs.security.oauth.utils.OAuthConstants;

import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler;

public class AuthenticationFailureHandler extends SimpleUrlAuthenticationFailureHandler {

	private String authorizeUrl;

	public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response,
			AuthenticationException exception) throws IOException, ServletException {
		String oauthToken = request.getParameter(OAuth.OAUTH_TOKEN);
		String xScope = request.getParameter(OAuthConstants.X_OAUTH_SCOPE);

		StringBuffer url = new StringBuffer(authorizeUrl).append("?").append(OAuth.OAUTH_TOKEN).append("=")
				.append(oauthToken);

		if (!StringUtils.isEmpty(xScope)) {
			url.append("&").append(OAuthConstants.X_OAUTH_SCOPE).append("=").append(xScope);
		}

		setDefaultFailureUrl(url.toString());
		super.onAuthenticationFailure(request, response, exception);
	}

	public void setAuthorizeUrl(String authorizeUrl) {
		this.authorizeUrl = authorizeUrl;
	}
}
